You can manage operation of Dr.Web for Linux from the command line of the operating system. For that, you can use the special Dr.Web Ctl utility (drweb-ctl). You can use it to perform the following operations:
•Start scanning file system objects including boot records.
•Launch of scanning of files on remote network hosts (see note below).
•Start updating anti-virus components (virus databases, the scan engine, and so on depending on the distribution).
•View and change parameters of the Dr.Web for Linux configuration.
•View the status of the Dr.Web for Linux components and statistics on detected threats.
•View quarantine and manage quarantined objects.
•Connect to the centralized protection server or disconnect from it.
User commands to control Dr.Web for Linux will only take effect if Dr.Web for Linux service components are running (by default, they are automatically run on system startup).
|
Note that some control commands require superuser privileges. To elevate privileges, use the su command (change the current user) or the sudo command (execute the specified command with other user privileges). |
The drweb-ctl tool supports auto-completion of commands for managing Dr.Web for Linux operation if this option is enabled in your command shell. If the command shell does not allow auto-completion, you can configure this option. For that purpose, refer to the instruction manual for your OS distribution.
|
When shutting down, the tool returns the exit code according to convention for the POSIX compliant systems: 0 (zero)—if an operation is successfully completed, non-zero—if otherwise. Note that the tool only returns a non-null exit code in the case of internal error (for example, the tool could not connect to a component, the requested operation could not be executed, and so on). If the tool detects and possibly neutralizes a threat, it returns the null exit code, because the requested operation (such as scan, and so on) is successfully completed. If you need to define the list of the detected threats and applied actions, analyze the messages displayed on the console. Codes of all errors are listed in the Appendix D. Known Errors section. |
Dr.Web for Linux allows you to scan files located on remote network hosts for threats. Such hosts can be not only fully-featured computing machines, such as workstations and servers, but also routers, set-top boxes, and other smart devices of the Internet of Things. To perform the remote scanning, the remote host has to provide a remote terminal access via SSH (Secure Shell) or Telnet. To access the device, you need to know an IP address and a domain name of the remote host, as well as the credentials of the user that can remotely access the system via SSH or Telnet. This user must have access rights to the scanned files (at least the reading rights).
This function can be used only for detection of malicious and suspicious files on a remote host. Elimination of threats (i.e. isolation in the quarantine, removal, and cure of malicious objects) using remote scanning is impossible. To eliminate the detected threats on the remote host, use administration tools provided directly by this host. For example, for routers and other smart devices, update the firmware; for computing machines, establish a connection (in a remote terminal mode, as one of the options) and perform the respective operations in the file system (remove or move files, etc.), or run the anti-virus software installed on them.
Remote scanning is only performed via the command-line tool drweb-ctl (using the command remotescan).